H3C S3610 Series Operation Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Switch
  5. S3610 Series
  6. Operation manual
H3C S3610 Series Operation Manual

H3C S3610 Series Operation Manual

Ssl-https
Hide thumbs Also See for S3610 Series:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Command Manual, Operating Manual
Operation Manual - SSL-HTTPS
H3C S3610&S5510 Series Ethernet Switches
Chapter 1 SSL Configuration ....................................................................................................... 1-1
1.1 SSL Overview .................................................................................................................... 1-1
1.2 SSL Configuration Task List .............................................................................................. 1-2
1.3 Configuring an SSL Server Policy ..................................................................................... 1-2
1.3.1 Configuration Prerequisites..................................................................................... 1-2
1.3.2 Configuration Procedure ......................................................................................... 1-2
1.3.3 SSL Server Policy Configuration Example.............................................................. 1-3
1.4 Configuring an SSL Client Policy....................................................................................... 1-5
1.4.1 Configuration Prerequisites..................................................................................... 1-5
1.4.2 Configuration Procedure ......................................................................................... 1-6
1.5 Displaying and Maintaining SSL ........................................................................................ 1-6
1.6 Troubleshooting SSL ......................................................................................................... 1-6
1.6.1 SSL Handshake Failure .......................................................................................... 1-6
Chapter 2 HTTPS Configuration .................................................................................................. 2-1
2.1 HTTPS Overview ............................................................................................................... 2-1
2.2 HTTPS Configuration Task List ......................................................................................... 2-1
2.3 Associating the HTTPS Service with an SSL Server Policy.............................................. 2-2
2.4 Enabling the HTTPS Service ............................................................................................. 2-2
2.6 Associating the HTTPS Service with an ACL .................................................................... 2-4
2.7 Displaying and Maintaining HTTPS ................................................................................... 2-4
2.8 HTTPS Configuration Example.......................................................................................... 2-5

Table of Contents

i
Table of Contents

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the S3610 Series and is the answer not in the manual?

Questions and answers

Related Manuals for H3C S3610 Series

Summary of Contents for H3C S3610 Series

  • Page 1: Table Of Contents

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Table of Contents Table of Contents Chapter 1 SSL Configuration ....................... 1-1 1.1 SSL Overview ........................1-1 1.2 SSL Configuration Task List ....................1-2 1.3 Configuring an SSL Server Policy ..................1-2 1.3.1 Configuration Prerequisites..................

  • Page 2: Chapter 1 Ssl Configuration

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration Chapter 1 SSL Configuration When configuring SSL, go to these sections for information you are interested in: SSL Overview SSL Configuration Task List Displaying and Maintaining SSL Troubleshooting SSL 1.1 SSL Overview...

  • Page 3: Ssl Configuration Task List

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration SSL change cipher spec protocol: Used for notification between a client and the server that the subsequent packets are to be protected and transmitted based on the newly negotiated cipher suite and key.

  • Page 4: Ssl Server Policy Configuration Example

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration To do... Use the command... Remarks ciphersuite Optional Specify the cipher suite(s) [ rsa_aes_128_cbc_sha | By default, an SSL server for the SSL server policy rsa_des_cbc_sha |...
  • Page 5 Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration Caution: In this instance, Windows Server works as the CA and the Simple Certificate Enrollment Protocol (SCEP) plug-in is installed on the CA. II. Network diagram Figure 1-2 Network diagram for SSL server policy configuration III.

  • Page 6: Configuring An Ssl Client Policy

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration [Sysname] pki request-certificate domain 1 Configure an SSL server policy # Create an SSL server policy named myssl. [Sysname] ssl server-policy myssl # Specify the PKI domain for the SSL server policy as 1.

  • Page 7: Configuration Procedure

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration 1.4.2 Configuration Procedure Follow these steps to configure an SSL client policy: To do... Use the command... Remarks — Enter system view system-view Create an SSL client...
  • Page 8 Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 1 SSL Configuration II. Analysis SSL handshake failure may result from the following causes: No SSL server certificate exists, or the certificate is not trusted. The server is expected to authenticate the client, but the SSL client has no certificate or the certificate is not trusted.

  • Page 9: Chapter 2 Https Configuration

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration Chapter 2 HTTPS Configuration When configuring HTTPS, go to these sections for information you are interested in: HTTPS Overview HTTPS Configuration Task List Associating the HTTPS Service with an SSL Server Policy...

  • Page 10: Associating The Https Service With An Ssl Server Policy

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration Configuration task Remarks Associating the HTTPS Service with a Certificate Attribute Optional Access Control Policy Associating the HTTPS Service with an ACL Optional 2.3 Associating the HTTPS Service with an SSL Server Policy You need to associate the HTTPS service with a created SSL server policy before enabling the HTTPS service.

  • Page 11: Associating The Https Service With A Certificate Attribute Access Control Policy

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration Note: After the HTTPS service is enabled, you can use the display ip https command to view the state of the HTTPS service and verify the configuration.

  • Page 12: Associating The Https Service With An Acl

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration Note: If the ip https certificate access-control-policy command is executed repeatedly, the HTTPS server is only associated with the last specified certificate attribute access control policy. If the HTTPS service is associated with a certificate attribute access control policy, the client-verify enable command must be configured in the SSL server policy.

  • Page 13: Https Configuration Example

    Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration 2.8 HTTPS Configuration Example I. Network requirements Host acts as the HTTPS client and Switch acts as the HTTPS server. Host accesses Switch through Web to control Switch.
  • Page 14 Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration [Switch-pki-domain-1] certificate request http://10.1.2.2:8080/certsrv/mscep/mscep.dll [Switch-pki-domain-1] certificate request from ra [Switch-pki-domain-1] certificate request entity en [Switch-pki-domain-1] quit # Generate a key pair locally by using the RSA algorithm.
  • Page 15 Operation Manual – SSL-HTTPS H3C S3610&S5510 Series Ethernet Switches Chapter 2 HTTPS Configuration Launch the IE explorer on Host, and enter https://10.1.1.1. You can log onto Switch and control it. Note: For details of PKI commands, refer to PKI Commands.

This manual is also suitable for:

S5510 seriesS5500-si series

Table of Contents